Bishop Fox named “Leader” in 2024 GigaOm Radar for Attack Surface Management. Read the Report ›

The Wolf in Sheep's Clothing: How Innocuous Exposures Become Infamous

In the hands of skilled attackers, many "low risk" exposures serve as launching pads or steppingstones to more complex and destructive attacks. Join our webcast as we dive into real-world examples.


Register to Watch Video

By submitting this form, you indicate that you have read and agree to the terms of our Privacy Policy.

Every time a new CVE is published and gains traction in the press, security teams scramble to determine whether those vulnerabilities pose a threat to their business. The truth is that, in many cases, these stories simply become a distraction. In fact, the biggest risks are often vulnerabilities that are much less glamorous, yet much easier to exploit and offer more useful footholds for attackers.

While vulnerabilities like EternalBlue and Log4j garner widespread attention, there are thousands of exposures categorized as “low risk” against pre-defined severity ratings that slip through the cracks. However, in the hands of skilled attackers, many of these exposures serve as launching pads or steppingstones to more complex and destructive attacks. The challenge for many organizations is not only identifying these exposures but also determining the potential business impact in their unique environment.

Watch Wes and Joe as they explore:

  • The speed, precision, and covert nature of modern adversaries
  • Commonly observed “low risk” exposures and how they lead to destructive attacks
  • How attack surface management and continuous penetration testing can help you uncover, assess, prioritize, and remediate these types of exposures

This talk showcases examples of exposures found in real-world environments, including a step-by-step view into how ethical hackers exploited them to reach high value targets.

Joe sechman

About the speaker, Joe Sechman

Bishop Fox Alumnus

Joe is a Bishop Fox alumnus and brought over 20 years of experience to his role as Associate Vice President of R&D. He was responsible for nurturing a culture of innovation across Bishop Fox. Over his career, Joe has amassed many security certifications, delivered several presentations, and has co-authored multiple industry publications with groups such as ISC2, ISACA, ASIS, HP, and IEEE.

Additionally, Joe is a prolific inventor with nine granted patents in the fields of dynamic and runtime application security testing, attack surface enumeration, and coverage (U.S. Patents 10,699,017, 10,515,219, 10,516,692, 10,515,220, 10,423,793, 9,846,781, 10,650,148, 10,587,641, and 11,057,395). Prior to joining Bishop Fox, Joe held leadership positions with companies such as Cobalt Labs, HP Fortify, Royal Philips, and Sunera LLC (now Focal Point Data Risk). Earlier in his career, Joe served as the lead penetration tester within SPI Labs at SPI Dynamics where he cut his teeth alongside some of the best and brightest application security industry professionals. Joe received his Bachelor of Business Administration degree in Management Information Systems from the Terry College of Business - University of Georgia.
More by Joe

Wes Hutcherson headshot

About the speaker, Wes Hutcherson

Director of Product Marketing at Bishop Fox

Wes Hutcherson is the Director of Product Marketing for Bishop Fox where he oversees market intelligence, competitive research and go-to-market strategies. His multi-faceted, technology and cyber security experience spans over a decade with market leaders such as eSentire, Hewlett-Packard and Dell SecureWorks.
More by Wes

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.